[Secure-testing-commits] r5908 - in data: CVE DSA

jmm-guest at alioth.debian.org jmm-guest at alioth.debian.org
Wed May 23 21:29:10 UTC 2007 

Author: jmm-guest
Date: 2007-05-23 21:29:09 +0000 (Wed, 23 May 2007)
New Revision: 5908

Modified:
   data/CVE/list
   data/DSA/list
Log:
- CVE-2007-1583 was fixed in DSA-1282
- madwifi non-free -> no-dsa
- no-dsa for minor gnupg issue
- correctly assign CVE-2007-1001 libgd2, our php5 links dynamically


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2007-05-23 21:07:52 UTC (rev 5907)
+++ data/CVE/list	2007-05-23 21:29:09 UTC (rev 5908)
@@ -1,5 +1,6 @@
 CVE-2007-XXXX [MadWifi several DoS, one of them remote]
 	- madwifi 1:0.9.3-2
+	[etch] - madwifi <no-dsa> (Non-free not supported)
 CVE-2007-XXXX [mantis multiple issues fixed in 1.0.7]
 	- mantis 1.0.7+dfsg-1
 	NOTE: "email notifications bypass security on custom fields" and "XSS vulnerabilities"
@@ -3608,6 +3609,8 @@
 	- gnupg 1.4.6-2 (bug #413922; low)
 	- gpgme1.0 1.1.2-3 (bug #414170; low)
 	- gnupg2 2.0.3-1
+	[sarge] - gnupg2 <no-dsa> (Minor issue)
+	[etch] - gnupg2 <no-dsa> (Minor issue)
 CVE-2007-1262 (Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter ...)
 	{DSA-1290-1}
 	- squirrelmail 2:1.4.10a-1
@@ -4384,7 +4387,9 @@
 	- evolution <unfixed>
 	[sarge] - evolution <not-affected> (Vulnerable code not present)
 CVE-2007-1001 (Multiple integer overflows in the (1) createwbmp and (2) readwbmp ...)
-	- php5 <unfixed> (medium)
+	- libgd2 <unfixed> (medium)
+	NOTE: Although reported initially for PHP5, this needs to be fixed in gd2, our
+	NOTE: PHP5 links dynamically
 CVE-2007-1000 (The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the ...)
 	- linux-2.6 2.6.18.dfsg.1-12 (medium)
 CVE-2007-0999 (Format string vulnerability in Ekiga 2.0.3, and probably other ...)

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2007-05-23 21:07:52 UTC (rev 5907)
+++ data/DSA/list	2007-05-23 21:29:09 UTC (rev 5908)
@@ -42,7 +42,7 @@
 	{CVE-2007-1286 CVE-2007-1375 CVE-2007-1376 CVE-2007-1380 CVE-2007-1453 CVE-2007-1454 CVE-2007-1521 CVE-2007-1583 CVE-2007-1700 CVE-2007-1711 CVE-2007-1718 CVE-2007-1777 CVE-2007-1824 CVE-2007-1887 CVE-2007-1889 CVE-2007-1900 CVE-2007-1522}
 	[etch] - php5 5.2.0-8+etch3
 [26 Apr 2007] DSA-1282-1 php4
-	{CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1711 CVE-2007-1718 CVE-2007-1777}
+	{CVE-2007-1286 CVE-2007-1380 CVE-2007-1521 CVE-2007-1583 CVE-2007-1711 CVE-2007-1718 CVE-2007-1777}
 	[sarge] - php4 4:4.3.10-20
 	[etch] - php4 6:4.4.4-8+etch2
 [25 Apr 2007] DSA-1281-1 clamav - several vulnerabilities

More information about the Secure-testing-commits mailing list